<?php
require_once("vcl/vcl.inc.php");
require_once("lib/db_connection.php");
//Includes
use_unit("forms.inc.php");
use_unit("extctrls.inc.php");
use_unit("stdctrls.inc.php");

//Class definition
class AddUser extends Page
{
       public $cmbAccess = null;
       public $Label1 = null;
       public $hfNewLength = null;
       public $hfVerLength = null;
       public $lblError2 = null;
       public $lblError = null;
       public $hiddenUserError = null;
       public $lblUsernameError = null;
       public $btnCheck = null;
       public $chkAdmin = null;
       public $edConfirm = null;
       public $edPass = null;
       public $edUser = null;
       public $Image1 = null;
       public $btnCancel = null;
       public $btnAdd = null;
       public $lblconfirmpw = null;
       public $lblPassword = null;
       public $lblUsername = null;
       function edConfirmJSBlur($sender, $params)
       {

       ?>
       var newPass1 = document.getElementById('edPass').value;
       var newPass2 = document.getElementById('edConfirm').value;

       if(newPass1!=newPass2)
       {
        document.getElementById('lblError2').innerHTML = "New Passwords did not match";
       }
       else
       {
        document.getElementById('lblError2').innerHTML = "";
       }

       <?php

       }

       function edPassJSBlur($sender, $params)
       {

       ?>
       var newPass1 = document.getElementById('edPass').value;
       if(newPass1.length>8 || 6>newPass1.length)
       {
         document.getElementById('lblError').innerHTML = "&darr;Password should be 6-8 characters&darr;";
       }
       if(newPass1.length>=6 && 8>=newPass1.length)
       {
         document.getElementById('lblError').innerHTML = "";
       }

       <?php

       }

       function edConfirmJSKeyUp($sender, $params)
       {

       ?>
       var newPass2 = document.getElementById('edConfirm').value;
       document.getElementById('hfVerLength').value = newPass2.length;

       regex_pattern = "^[a-zA-Z0-9]*$";
       var reg = new RegExp(regex_pattern);
       var match = document.getElementById('edConfirm').value.match(reg);
       if(match==null)
       {
        document.getElementById('lblError2').innerHTML = "&darr;Alphanumeric characters only&darr;";
       }
       else
       {
        document.getElementById('lblError2').innerHTML = "";
       }

       <?php

       }

       function edPassJSKeyUp($sender, $params)
       {

       ?>
       var newPass1 = document.getElementById('edPass').value;
       document.getElementById('hfNewLength').value = newPass1.length;

       regex_pattern = "^[a-zA-Z0-9]*$";
       var reg = new RegExp(regex_pattern);
       var match = document.getElementById('edPass').value.match(reg);
       if(match==null)
       {
        document.getElementById('lblError').innerHTML = "&darr;Alphanumeric characters only&darr;";
       }
       else
       {
        document.getElementById('lblError').innerHTML = "";
       }

       <?php

       }

       function chkOnCreate()
       {
       $query_unique = "SELECT username FROM accounts_tbl WHERE username='".$this->edUser->Text."'";
       $result_unique = mysql_query($query_unique) or die("UNIQUE ".mysql_error());
       $count_unique = mysql_num_rows($result_unique);

       if($count_unique==0 && $this->edUser->Text!='')
       {
        $this->lblUsernameError->Caption = 'Username Available';
        $this->lblUsernameError->Font->Color = 'Blue';
	      $this->hiddenUserError->setValue('0');

        $this->edPass->Enabled = true;
        $this->edConfirm->Enabled = true;
       }
       }

       function btnCheckClick($sender, $params)
       {
       $query_unique = "SELECT username FROM accounts_tbl WHERE username='".$this->edUser->Text."'";
       $result_unique = mysql_query($query_unique) or die("UNIQUE ".mysql_error());
       $count_unique = mysql_num_rows($result_unique);

       if($count_unique>0)
       {
        $this->lblUsernameError->Caption = 'This username is not available';
        $this->lblUsernameError->Font->Color = 'Red';
        $this->hiddenUserError->setValue('1');

        $this->edPass->Enabled = false;
        $this->edConfirm->Enabled = false;
       }
       if($count_unique==0 && $this->edUser->Text!='')
       {
        $this->lblUsernameError->Caption = 'Username Available';
        $this->lblUsernameError->Font->Color = 'Blue';
	      $this->hiddenUserError->setValue('0');

        $this->edPass->Enabled = true;
        $this->edConfirm->Enabled = true;
       }
       if($this->edUser->Text=='')
       {
        $this->lblUsernameError->Caption = 'Please type a valid username';
        $this->lblUsernameError->Font->Color = 'Red';
	      $this->hiddenUserError->setValue('1');

        $this->edPass->Enabled = false;
        $this->edConfirm->Enabled = false;
       }


       }

       function btnCancelClick($sender, $params)
       {
       $comp_id = $_SESSION['company_id'];
       redirect('user_list.php?company_id='.$comp_id);
       }

       function AddUserCreate($sender, $params)
       {
       $comp_id = $_SESSION['company_id'];

       $this->chkOnCreate();

       $this->edUser->Text="";
       $this->edPass->Text="";
       $this->edConfirm->Text="";

       $this->hiddenUserError->setValue('0');
       $this->lblUsernameError->Caption = '';
       $this->edPass->Enabled = false;
       $this->edConfirm->Enabled = false;

       $this->lblError->Caption='';
       $this->lblError2->Caption='';

       $this->cmbAccess->Clear();
       $this->cmbAccess->AddItem('--Select--', null, '--Select--');
       $result_access = mysql_query("select * from accounts_access_level where company_id='".$_SESSION['company_id']."'");

       while($row_access = mysql_fetch_array($result_access))
        {
            $this->cmbAccess->AddItem($row_access['account_level'], null, $row_access['id']);
        }

       }

       function btnAddClick($sender, $params)
       {
       $comp_id = $_SESSION['company_id'];
       $this->btnCheckClick($sender, $params);
       $newpw = $this->edPass->getText();
       $verifypw = $this->edConfirm->getText();

       $error = 0;
       $new_length = $this->hfNewLength->getValue();
       $ver_length = $this->hfVerLength->getValue();

       if($newpw!=$verifypw)
       {
        $this->lblError2->Caption='New Passwords did not match';
        $error = 1;
       }
       if($new_length<6 || $new_length>8)
       {
        $this->lblError->Caption='&darr;Password should be 6-8 characters&darr;';
        $error = 1;
       }
       if($ver_length<6 || $ver_length>8)
       {
        $this->lblError2->Caption='&darr;Password should be 6-8 characters&darr;';
        $error = 1;
       }

       if($this->chkAdmin->Checked==true)
       {
       $admin='1';
       }
       if($this->chkAdmin->Checked==false)
       {
       $admin='0';
       }

       if($this->hiddenUserError->getValue()==0 && $error==0)
       {
       $query_user = "insert into accounts_tbl (username,
       password,
       company_id,
       company_name,
       access_level_id,
       admin,
       approval,
       created_by)
       VALUES
       ('".$this->edUser->Text."',
       '".sha1($this->edPass->Text)."',
       '".$_SESSION['company_id']."',
       '".$_SESSION['company_name']."',
       '".$this->cmbAccess->getItemIndex()."',
       '1',
       '1',
       '".$_SESSION['username']."')";
       $result_user = mysql_query($query_user)or die("INSERT USER - ".mysql_error());

       echo"<script language=javascript>
       var answer = confirm('Add another record?');
       if(answer)
       {
       window.location = 'user_create.php';
       }
       else
       {
       window.location = 'user_list.php';
       }
       </script>";
       //redirect('user_list.php?company_id='.$comp_id);
       }
       if($this->hiddenUserError->getValue()==1 && $error==1)
       {
       }
       }

}

global $application;

global $AddUser;

//Creates the form
$AddUser=new AddUser($application);

//Read from resource file
$AddUser->loadResource(__FILE__);

//Shows the form
$AddUser->show();

?>